User manual
110
NN42020-110 MCS 5100 Release 4.0 Standard 01.05 January 2008
Standard
3 Configure the Enable DoS filter attribute to true.
The default value is false (disabled).
SIP DoS engineering parameter group
Use the SIP DoS engineering parameter group to configure threshold detection
and lockout characteristics for the SIP DoS mitigation feature.
Use the System Management Console to configure the following parameters:
• LockoutAudit Duration—the interval (in seconds) of the audit used to clear
the lockout condition
— range: 1-MAXINT seconds
— default: 60 seconds
• MaxNumberLockouts—the maximum number of source IP addresses that can
be locked out at one time
— range: 1-MAXINT
— default: 10 000
• AlarmThresholds—the thresholds for the distributed DOS alarms, indicating
the number of locked out endpoints
— minor alarm (first value) default: 10%
— major alarm (second value) default: 50%
— critical alarm (third value) default: 100%
• MaxAttemptsPerInterval—the number of new HTTP transactions per sample
interval
— range: 1-MAXINT
— Session Manager default: 20
— other network element default: 5
• SampleInterval—the sample interval (in seconds), used in the transaction rate
calculation
— range: 1-MAXINT seconds
— default: 5 seconds
Note: MAXINT is a hardware-independent Java constant. It is equal to
2147483647—or 2
31
-1.